Added a lot of stubbing to make sure OAUth requests are handled properly with 2FA

2a0be666 · Patricio Cano · eda20534 · 2a0be666 · 2a0be666 · 2a0be666
Commit 2a0be666 authored Jul 05, 2016 by Patricio Cano
4 changed files
--- a/spec/features/login_spec.rb
+++ b/spec/features/login_spec.rb
@@ -110,12 +110,29 @@ feature 'Login', feature: true do
    end

    context 'logging in via OAuth' do
+      def saml_config
+        OpenStruct.new(name: 'saml', label: 'saml', args: {
+          assertion_consumer_service_url: 'https://localhost:3443/users/auth/saml/callback',
+          idp_cert_fingerprint: '26:43:2C:47:AF:F0:6B:D0:07:9C:AD:A3:74:FE:5D:94:5F:4E:9E:52',
+          idp_sso_target_url: 'https://idp.example.com/sso/saml',
+          issuer: 'https://localhost:3443/',
+          name_identifier_format: 'urn:oasis:names:tc:SAML:2.0:nameid-format:transient'
+        })
+      end
+
      def stub_omniauth_config(messages)
+        Rails.application.env_config['devise.mapping'] = Devise.mappings[:user]
+        Rails.application.routes.disable_clear_and_finalize = true
+        Rails.application.routes.draw do
+          post '/users/auth/saml' => 'omniauth_callbacks#saml'
+        end
+        allow(Gitlab::OAuth::Provider).to receive_messages(providers: [:saml], config_for: saml_config)
        allow(Gitlab.config.omniauth).to receive_messages(messages)
+        allow_any_instance_of(Object).to receive(:user_omniauth_authorize_path).with('saml').and_return('/users/auth/saml')
      end

      it 'should show 2FA prompt after OAuth login' do
-        stub_omniauth_config(enabled: true, auto_link_saml_user: true, allow_single_sign_on: ['saml'], providers: [OpenStruct.new(name: 'saml', label: 'saml', args: {})])
+        stub_omniauth_config(enabled: true, auto_link_saml_user: true, allow_single_sign_on: ['saml'], providers: [saml_config])
        user = create(:omniauth_user, :two_factor, extern_uid: 'my-uid', provider: 'saml')
        login_via('saml', user, 'my-uid')


--- a/spec/spec_helper.rb
+++ b/spec/spec_helper.rb
@@ -56,4 +56,4 @@ FactoryGirl::SyntaxRunner.class_eval do
  include RSpec::Mocks::ExampleMethods
 end

-ActiveRecord::Migration.maintain_test_schema!
\ No newline at end of file
+ActiveRecord::Migration.maintain_test_schema!
--- a/spec/support/login_helpers.rb
+++ b/spec/support/login_helpers.rb
@@ -39,6 +39,7 @@ module LoginHelpers

  def login_via(provider, user, uid)
    mock_auth_hash(provider, uid, user.email)
+    Rails.application.env_config['omniauth.auth'] = OmniAuth.config.mock_auth[:saml]
    visit new_user_session_path
    click_link provider
  end
@@ -57,6 +58,15 @@ module LoginHelpers
      credentials: {
        token: 'mock_token',
        secret: 'mock_secret'
+      },
+      extra: {
+        raw_info: {
+          info: {
+            name: 'mockuser',
+            email: email,
+            image: 'mock_user_thumbnail_url'
+          }
+        }
      }
    })
  end

--- a/spec/support/omni_auth.rb
+++ b/spec/support/omni_auth.rb
-OmniAuth.config.test_mode = true
\ No newline at end of file
+OmniAuth.config.test_mode = true